package org.example.securitydemo.controller;

import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.media.Schema;
import io.swagger.v3.oas.annotations.tags.Tag;
import org.example.securitydemo.entity.User;
import org.example.securitydemo.service.UserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;

import java.util.List;

@RestController
@RequestMapping("/user")
@Tag(name = "用户管理",  description = "用户管理")
public class UserController {
    @Autowired
    public UserService userService;

    // @PreAuthorize("hasRole('ADMIN') and authentication.name.equals('admin')")
    @GetMapping("/list")
    public List<User> list() {
        return userService.list();
    }

    @GetMapping("/show/{id}")
    public User getList(@PathVariable("id") Integer id) {
        return userService.getById(id);
        // try {
        //     return userService.list();
        // } catch (Exception e) {
        //     throw new RuntimeException(e);
        // }
    }

    // @PreAuthorize("hasRole('USER')")
    @PreAuthorize("hasAnyAuthority('USER_ADD')")
    @PostMapping("add")
    @Operation(summary = "添加用户", description = "添加用户")
    public void add(@RequestBody User user) {
        userService.saveUserDetails(user);
    }
}
